Skip to content
Find file Blame History Permalink
  • oliver@apple.com's avatar
    Crash in void JSC::validateCell<JSC::RegExp*>(JSC::RegExp*) · 780d3ccb
    oliver@apple.com authored 
    https://bugs.webkit.org/show_bug.cgi?id=70689

Reviewed by Filip Pizlo.

While performing codegen we need to make the GlobalData explicitly
aware of the codeblock being compiled, as compilation may trigger GC
and CodeBlock holds GC values, but has not yet been assigned to its
owner executable.

* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::~BytecodeGenerator):
* bytecompiler/BytecodeGenerator.h:
* heap/AllocationSpace.cpp:
(JSC::AllocationSpace::allocateSlowCase):
* heap/Heap.cpp:
(JSC::Heap::markRoots):
* runtime/JSGlobalData.cpp:
(JSC::JSGlobalData::JSGlobalData):
* runtime/JSGlobalData.h:
(JSC::JSGlobalData::startedCompiling):
(JSC::JSGlobalData::finishedCompiling):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@98302 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    780d3ccb